Re: Snarf files from a sniff dump

From: Nagareshwar Talekar (tnagareshwar@gmail.com)
Date: Mon Feb 27 2006 - 02:02:25 EST


Hi

    Try filesnarf from the dsniff package...that copies files
transferred over the network to the disk...

On 2/27/06, Jim Morgan <peripatetic@myrealbox.com> wrote:
> At 25/02/2006 21:00, you wrote:
> >I am looking for a tool to snarf files (e.g. Word documents etc.) from a
> >sniff dump (e.g. ethereal or tcpdump) in an M$ Windows LAN (SMB) or
> >between a client and a printer (PS, PCL etc.). Does someone know such
> >tools (I know Dsniff, but it is not exactly what I am looking for)?
>
> http://tcpxtract.sourceforge.net/
>
> tcpxtract is a tool for extracting files from network traffic based
> on file signatures. Extracting files based on file type headers and
> footers (sometimes called "carving") is an age old data recovery
> technique. Tools like Foremost employ this technique to recover files
> from arbitrary data streams. Tcpxtract uses this technique
> specifically for the application of intercepting files transmitted
> across a network. Other tools that fill a similar need are driftnet
> and EtherPEG. driftnet and EtherPEG are tools for monitoring and
> extracting graphic files on a network and are commonly used by network
> administrators to police the internet activity of their users. The
> major limitations of driftnet and EtherPEG are that they only support
> three filetypes with no easy way of adding more. The search technique
> they use is also not scalable and does not search across packet
> boundaries. tcpxtract features the following:
> - Supports 26 popular file formats out-of-the-box. New formats can be
>   added by simply editing its config file.
> - With a quick conversion, you can use your old Foremost config file
>   with tcpxtract.
> - Custom written search algorithm is lightning fast and very scalable.
> - Search algorithm searches across packet boundaries for total coverage
>   and forensic quality.
> - Uses libpcap, a popular, portable and stable library for network data capture.
> - Can be used against a live network or a tcpdump formatted capture file.
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>

--
With Regards
Nagareshwar
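
The header/footer carving described in the quoted tcpxtract text, including matches that span packet boundaries, as an added example that is not part of the original thread and is not tcpxtract's code. The signature table, the `StreamCarver` and `carve` names and the sample bytes are constructed for illustration, and payloads are assumed to arrive already in TCP stream order.

```python
# Added example: header/footer carving over a TCP payload stream fed packet by packet.
# Signature table and sample data are constructed; payloads are assumed in stream order.
SIGNATURES = {  # extension -> (header, footer)
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "pdf": (b"%PDF-", b"%%EOF"),
}

class StreamCarver:
    def __init__(self, signatures=SIGNATURES, max_size=1 << 20):
        self.sigs = signatures
        self.max_size = max_size      # give up on a header with no footer after this
        self.keep = max(len(h) for h, _ in signatures.values()) - 1
        self.buf = b""
        self.found = []               # list of (extension, carved bytes)

    def _earliest_header(self):
        hits = [(self.buf.find(h), ext, h, f) for ext, (h, f) in self.sigs.items()]
        hits = [hit for hit in hits if hit[0] != -1]
        return min(hits) if hits else None

    def feed(self, payload):
        self.buf += payload
        while True:
            hit = self._earliest_header()
            if hit is None:
                # Keep only a tail long enough to hold a header split across packets.
                self.buf = self.buf[-self.keep:] if self.keep else b""
                return
            start, ext, header, footer = hit
            end = self.buf.find(footer, start + len(header))
            if end == -1:
                if len(self.buf) - start > self.max_size:
                    self.buf = self.buf[start + 1:]   # likely false positive: skip it
                    continue
                self.buf = self.buf[start:]           # wait for more packets
                return
            end += len(footer)
            self.found.append((ext, self.buf[start:end]))
            self.buf = self.buf[end:]

def carve(payloads):
    carver = StreamCarver()
    for payload in payloads:
        carver.feed(payload)
    return carver.found

if __name__ == "__main__":
    jpg = b"\xff\xd8\xff\xe0JFIF-constructed-body\xff\xd9"   # constructed, not a real image
    stream = b"SMBjunk" + jpg + b"tail"
    packets = [stream[i:i + 8] for i in range(0, len(stream), 8)]  # header split in two
    print(carve(packets))
```

Stopping at the first footer match is a simplification: real formats can contain the footer bytes inside the body, so carved output should be validated with a format-aware parser.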


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:34 EDT